How Atonomi Protects Against BLE Key Exposure

August 21, 2018

Earlier this summer a long-time Bluetooth Low Energy (BLE) key exposure vulnerability reared its ugly head again. For me, the event just underscored the remarkable value of the Protected Sessions technology that CENTRI has developed to protect Internet of Things (IoT) devices.

‍

While it has long been known that an unfixable key exposure problem existed for BLE 4.0, 4.1, and 4.2 (while operating in legacy mode), the market was taken by surprise when the same problem was found in BLE 4.2 standard mode and BLE 5.0. Fortunately, the code for BLE 4.2 and 5.0 could be remediated and a fix was circulated. Although affected smartphones were updated within a matter of months, many other device—especially those lacking over-the-air (OTA) update capabilities—may go years without remediation. And, the earlier versions of BLE have defied remediation because of fundamental design factors, meaning that the still widely used BLE 4.0, 4.1, and 4.2 in legacy mode versions are still vulnerable to key exposure attacks.

‍

The great news about Protected Sessions is that all of the session data would have remained protected despite the key exposure. With Protected Sessions the session data is protected separate from the communication protocol and thus is not subject to exposure even when the communication protocol is breached. Everything is encrypted, end-to-end.

‍

‍

Looking at BLE Key Exposure

‍

Earlier versions of BLE such as 4.0 and 4.1 (4.2 in legacy mode is essentially 4.1) make remediation of the handshake itself impossible because the design of the handshake is not protected by Diffie-Hellman.

‍

Taking a look at key generation, you can think of two people going to a beach on a treasure hunt. They get directions telling them a set of steps to take to arrive at the same exact spot that gives them each an identical key to use for communication. The problem comes when, figuratively speaking, a third person overhears directions for the treasure map and is able to create the exact same key. Now they can listen into, or join, the communication.

‍

Because this happens at pairing, you'll hear people say things along the lines of, “No big deal, they’re only exposed at pairing.” … “This is safe because these devices are within a few meters of each other, a few yards, a few feet.” … “Not going to be a big deal. Once they're paired up, we're safe.”

‍

Sounds good, but BLE has a feature in which one device can tell the other, “Hey, I forgot my key.” And the other device will say, “Okay, let's make a new one.” This means that a third device, within proximity of the other two, can speak a little bit louder and say, “Hey, I forgot my key.” This will cause the other two devices to negotiate a new key, while the third device listens in and captures the key. This is the problem of BLE 4.1 and earlier, and it’s why this is a permanent problem that can't be fixed. The only protection is through use of layered encryption or some other technique to keep your data safe.

‍

‍

How Protected Sessions Protects

‍

Protected Sessions also has a key exchange. However, it is protected through use of the Elliptic Curve Diffie-Hellman (ECDH) encryption. Both CENTRI and Atonomi use ECDH to generate a key for both sides. This enables Protected Sessions to encrypt data on the device, before it hits the network. This immediate encryption is critical because network transports only protect data while it is on the network, not at transition points—including transition points between networks.

‍

Protected Sessions establishes an end-to-end session to keep your data safely encrypted across different networks and all the points in between, including across multiple networks such as BLE, WiFi, LTE ZigBee, Z-Wave, TLS, UDP, and MQTT (and IP).

‍

‍

Giving New Life to Older Devices

‍

By providing end-to-end encryption within a very small footprint (about 25 K Flash, 10K RAM) Protected Sessions can actually give new life to older IoT devices that otherwise suffer from permanently compromised security. Protected Sessions protects the data flowing through the BLE link regardless of whether the link has been compromised or not. In short, Protected Sessions provides effective remediation for a problem that until now has been unsurmountable.

‍

Looking ahead, there will be new versions of wireless protocols, and other low-power networks for which similar key exposure problems may emerge. Protected Sessions allows you to be safe regardless of the network protocol. Our Protected Sessions packages just rides on top, from network to network, completely protected. CENTRI's Protected Sessions: The safest way for your data to travel.